A critical vulnerability in Wing FTP Server has been actively exploited, affecting thousands of organizations including the U.S. Air Force and Airbus. CISA has ordered urgent patching and warns that this flaw can lead to total server compromise. #WingFTPServer #CVE202547812…
Tag: PATCH
Cyble’s latest report reveals a significant increase in exploit attempts, malware campaigns, and brute-force attacks targeting IoT devices and enterprise systems worldwide. Critical vulnerabilities across various devices and software remain actively exploited, highlighting the need for rigorous patching and comprehensive security measures. #Mirai #CoinMiner #WannaCry #CVE-2025-45985 #CVE-2025-30220
The US CISA has issued an urgent warning about a critical Citrix NetScaler vulnerability, CVE-2025-5777, which can be exploited to read out-of-bounds memory and hijack sessions. Patches have been released, but many instances remain unpatched, posing significant security risks. #CitrixBleed #CVE20255777…
The recent Windows 10 KB5062554 update has caused the emoji search feature to stop working, hindering users’ ability to find emojis by keyword. Microsoft is expected to address this bug and encourages users to upgrade to Windows 11 for ongoing support. #Windows10 #KB5062554 #emojisearch #Windows11
The ESC15 vulnerability targets Active Directory Certificate Services (AD CS), allowing attackers to inject unauthorized EKUs into Schema Version 1 templates and escalate privileges. Organizations must act swiftly to implement mitigation measures and ensure their certificate templates are secure. #ESC15 #ActiveDirectoryCertificateServices
![Cybersecurity News | Daily Recap [12 Jul 2025]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [12 Jul 2025]")
Cybersecurity threats continue to evolve with critical vulnerabilities in Wing FTP Server, Laravel, FortiWeb, Citrix, and OpenVSX marketplace being actively exploited or patched. Major data breaches involve Louis Vuitton, McDonald’s, and Albemarle County, while AI security faces challenges from jailbreaks and national security concerns with DeepSeek. #WingFTP #Laravel #FortiWeb #Citrix #OpenVSX #LouisVuitton #McDonald’s #DeepSeek
A critical SQL injection vulnerability (CVE-2025-25257) in Fortinet FortiWeb allows attackers to execute remote code without authentication, potentially leading to server compromise. The flaw has been publicly exploited through proof-of-concept tools, emphasizing the urgency for timely patching. #FortiWeb #SQLInjection
The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway, urging federal agencies to patch within a day. Threat actors are actively testing and sharing exploits, increasing the risk of widespread attack, prompting urgent mitigation measures. #CitrixBleed2 #CVE-2025-5777
A critical zero-day vulnerability was discovered in OpenVSX, the marketplace for VS Code extensions, which could allow attackers to hijack over 10 million machines. This flaw highlights the dangers of extension-based development environments, emphasizing the need for strict security practices. #OpenVSX #VSCodeExtensions
Fortinet has issued security updates for a critical SQL injection vulnerability in FortiWeb, which could allow attackers to execute arbitrary database commands. This flaw impacts multiple versions and is rooted in improper input sanitization in specific API functions. #FortiWeb #SQLInjection…
The Cybersecurity and Infrastructure Security Agency (CISA) has urgently ordered all federal civilian agencies to patch the critical vulnerability CVE-2025-5777, known as “Citrix Bleed 2,” within 24 hours to prevent exploitation. Multiple threat actors, including ransomware gangs, are actively exploiting this bug, which affects Citrix NetScaler appliances and could lead to…
The article analyzes a malware variant involved in the SLOW#TEMPEST campaign, focusing on advanced obfuscation techniques such as control flow graph (CFG) obfuscation using dynamic jumps and obfuscated function calls to evade detection. It also presents methods and tools developed to de-obfuscate the malware, enabling better analysis and defense. #SLOWTEMPEST #emulation…
Hackers are exploiting a critical vulnerability in Wing FTP Server (CVE-2025-47812) that allows remote code execution through null byte injection and Lua code manipulation. This flaw affects versions up to 7.4.3 and has led to targeted attacks, with potential risks for thousands of exposed servers. #WingFTPServer #CVE202547812…
Researchers from the University of Toronto have demonstrated that Rohammer attacks can be conducted against GPUs, specifically Nvidia GDDR6 memory, affecting machine learning models. The findings highlight the potential security risks to AI systems and the importance of system-level ECC mitigation. #GPUHammer #Rohammer #NvidiaA6000 #DeepNeuralNetworks…
Security researchers have uncovered the critical “PerfektBlue” Bluetooth vulnerabilities impacting millions of vehicles and devices using OpenSynergy’s BlueSDK framework. These flaws can be exploited remotely with minimal user interaction, allowing attackers to access personal data and control vehicle systems. #PerfektBlue #OpenSynergy #BlueSDK #AutomotiveSecurity…